Documentation ¶
Index ¶
- Constants
- func AggregateScore(vulnerabilities []Vulnerability) float32
- func ScoreSeverity(severity SeverityRank) float32
- func SecurityStatus(score float32) string
- func ValidateReport(r Report) error
- func ValidateVulnerability(v Vulnerability) error
- type Attachment
- type ByScore
- type CheckData
- type Report
- type ResourcesGroup
- type ResultData
- type SeverityRank
- type Vulnerability
Constants ¶
const (
	CategoryIssue          = "ISSUE"
	CategoryPotentialIssue = "POTENTIAL_ISSUE"
	CategoryCompliance     = "COMPLIANCE"
	CategoryInformational  = "INFORMATIONAL"
)
const (
	// SeverityThresholdNone defines interesting findings that are not vulnerabilities.
	SeverityThresholdNone = 0
	// SeverityThresholdLow defines vulnerabilities with low impact.
	SeverityThresholdLow = 3.9
	// SeverityThresholdMedium defines vulnerabilities with medium impact.
	SeverityThresholdMedium = 6.9
	// SeverityThresholdHigh defines vulnerabilities with high impact.
	SeverityThresholdHigh = 8.9
	// SeverityThresholdCritical defines vulnerabilities with critical impact.
	SeverityThresholdCritical = 10
)
CVSS v3.0 Ratings (https://nvd.nist.gov/vuln-metrics/cvss/):

	Severity   Base Score Range
	None       0.0
	Low        0.1 - 3.9
	Medium     4.0 - 6.9
	High       7.0 - 8.9
	Critical   9.0 - 10.0
Variables ¶
This section is empty.
Functions ¶
func AggregateScore ¶
func AggregateScore(vulnerabilities []Vulnerability) float32
AggregateScore returns an aggregated score for a group of vulnerabilities. NOTE: This is currently a placeholder function which returns the maximum severity score.
func ScoreSeverity ¶
func ScoreSeverity(severity SeverityRank) float32
ScoreSeverity returns the maximum score according to a severity rank.
func SecurityStatus ¶
func SecurityStatus(score float32) string
SecurityStatus returns a grade from A to F (A is good, F is bad) given a target's aggregated score.
func ValidateVulnerability ¶
func ValidateVulnerability(v Vulnerability) error
ValidateVulnerability validates a Vulnerability.
Types ¶
type Attachment ¶
type Attachment struct {
	Name        string `json:"name"`
	ContentType string `json:"content_type"`
	Data        []byte `json:"data"`
}
Attachment represents an attachment found when running the check.
type ByScore ¶
type ByScore []Vulnerability
type CheckData ¶
type CheckData struct {
	CheckID          string    `json:"check_id"`          // Mandatory.
	ChecktypeName    string    `json:"checktype_name"`    // Mandatory.
	ChecktypeVersion string    `json:"checktype_version"` // Mandatory.
	Status           string    `json:"status"`            // Mandatory.
	Target           string    `json:"target"`            // Mandatory.
	Options          string    `json:"options"`
	Tag              string    `json:"tag"`
	StartTime        time.Time `json:"start_time"` // Mandatory.
	EndTime          time.Time `json:"end_time"`
}
CheckData defines the data about the execution of the check that generated the report.
type Report ¶
type Report struct {
	CheckData
	ResultData
}
Report represents a check vulnerability report.
func (*Report) MarshalJSONTimeAsString ¶
MarshalJSONTimeAsString marshals a Report to JSON, encoding times as strings. A custom marshaler is used to rewrite times for Athena and Rails. TODO: Discuss if this is necessary or if we can drop it.
func (*Report) UnmarshalJSONTimeAsString ¶
UnmarshalJSONTimeAsString unmarshals JSON into a Report, decoding times from strings.
type ResourcesGroup ¶
ResourcesGroup is a self-defined table for resources sharing the same attributes. Example:

	Name: Network Resource
	Header: | Hostname | Port | Protocol | Service |
	Rows:
	| www.adevinta.com | 80  | tcp | http |
	| www.adevinta.com | 443 | tcp | http |

The Rows are defined using a map with a value for every key defined in the Header attribute.
type ResultData ¶
type ResultData struct {
	Vulnerabilities []Vulnerability `json:"vulnerabilities"`          // Array of identified vulnerabilities.
	Data            []byte          `json:"data,omitempty"`           // Free field for additional data.
	Notes           string          `json:"notes,omitempty"`          // Free field for additional notes.
	Error           string          `json:"error"`                    // Error message, if any.
	NotApplicable   bool            `json:"not_applicable,omitempty"` // If the check was not really applicable.
}
ResultData contains the data regarding the result of the execution of a check, for instance vulnerabilities, notes, etc.
func (*ResultData) AddVulnerabilities ¶
func (r *ResultData) AddVulnerabilities(v ...Vulnerability)
AddVulnerabilities is a handy method to add one or more Vulnerabilities to the ResultData.Vulnerabilities array. It's equivalent to r.Vulnerabilities = append(r.Vulnerabilities, v...).
type SeverityRank ¶
type SeverityRank int
const (
	// SeverityNone defines interesting findings that are not vulnerabilities.
	SeverityNone SeverityRank = iota
	// SeverityLow defines vulnerabilities with low impact.
	SeverityLow
	// SeverityMedium defines vulnerabilities with medium impact.
	SeverityMedium
	// SeverityHigh defines vulnerabilities with high impact.
	SeverityHigh
	// SeverityCritical defines vulnerabilities with critical impact.
	SeverityCritical
)
func RankSeverity ¶
func RankSeverity(score float32) SeverityRank
RankSeverity returns the severity rank according to predefined score thresholds.
type Vulnerability ¶
type Vulnerability struct {
	ID                     string           `json:"id"`                               // Arbitrary UUID that uniquely identifies the vulnerability in every scan.
	Summary                string           `json:"summary"`                          // Mandatory. Vulnerability title.
	Score                  float32          `json:"score"`                            // Vulnerability severity score. According to CVSSv3 base score.
	AffectedResource       string           `json:"affected_resource"`                // Indicates the concrete resource affected by the vulnerability.
	AffectedResourceString string           `json:"affected_resource_string"`         // Optionally indicates a human-readable meaningful version of the AffectedResource.
	Fingerprint            string           `json:"fingerprint"`                      // Fingerprint defines the context in where the vulnerability has been found.
	CWEID                  uint32           `json:"cwe_id,omitempty"`                 // CWE-ID.
	Description            string           `json:"description,omitempty"`            // Vulnerability description.
	Details                string           `json:"details,omitempty"`                // Vulnerability details generated when running the check against the target.
	ImpactDetails          string           `json:"impact_details,omitempty"`         // Vulnerability impact details.
	Labels                 []string         `json:"labels,omitempty"`                 // A list of labels (strings) to enrich the vulnerability.
	Recommendations        []string         `json:"recommendations,omitempty"`        // Vulnerability remediation suggestions.
	References             []string         `json:"references,omitempty"`             // Reference URLs for more information.
	Resources              []ResourcesGroup `json:"resources,omitempty"`              // ResourcesGroups found when running the check.
	Attachments            []Attachment     `json:"attachments,omitempty"`            // Attachments found when running the check.
	Vulnerabilities        []Vulnerability  `json:"vulnerabilities"`                  // Mandatory. Array of identified vulnerabilities.
}
Vulnerability represents a single security vulnerability found while running a check.
func (*Vulnerability) AddVulnerabilities ¶
func (v *Vulnerability) AddVulnerabilities(vulnerabilities ...Vulnerability)
AddVulnerabilities is a handy method to add one or more Vulnerabilities to the Vulnerability.Vulnerabilities array. It's equivalent to v.Vulnerabilities = append(v.Vulnerabilities, vulnerabilities...).
func (*Vulnerability) AggregateScore ¶
func (v *Vulnerability) AggregateScore()
AggregateScore recalculates the score field for a parent vulnerability.
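The threshold bands, RankSeverity and the placeholder maximum-score aggregation described above, as an added stand-alone example that is not the package's own code; it assumes a leaf vulnerability keeps its own score and that a parent's score is the maximum of its children's recalculated scores.

```go
package main

import "fmt"
// Added example (not the package's own code) re-implementing the documented severity bands and aggregation.
type SeverityRank int

const (
	SeverityNone SeverityRank = iota
	SeverityLow
	SeverityMedium
	SeverityHigh
	SeverityCritical
)

// Inclusive upper bound of each CVSS v3.0 band, indexed by rank; above High is Critical.
var thresholds = []float32{0, 3.9, 6.9, 8.9}

// Vulnerability keeps only the fields the aggregation needs.
type Vulnerability struct {
	Score           float32
	Vulnerabilities []Vulnerability
}

// RankSeverity returns the lowest band whose upper bound the score does not exceed.
func RankSeverity(score float32) SeverityRank {
	for rank, limit := range thresholds {
		if score <= limit {
			return SeverityRank(rank)
		}
	}
	return SeverityCritical
}

// AggregateScore recalculates a parent's Score as the maximum of its children's recalculated
// scores (the documented placeholder rule); a leaf keeps its own score (this example's assumption).
func (v *Vulnerability) AggregateScore() {
	for i := range v.Vulnerabilities {
		c := &v.Vulnerabilities[i]
		c.AggregateScore()
		if i == 0 || c.Score > v.Score {
			v.Score = c.Score
		}
	}
}

func main() {
	p := Vulnerability{Vulnerabilities: []Vulnerability{{Score: 3.7}, {Score: 5.3}}}
	p.AggregateScore() // the parent takes the highest child score, 5.3
	fmt.Printf("score %.1f rank %d\n", p.Score, RankSeverity(p.Score))
}
```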
func (Vulnerability) Severity ¶
func (v Vulnerability) Severity() SeverityRank
Severity returns the severity rank for a vulnerability.
func (Vulnerability) Validate ¶
func (v Vulnerability) Validate() error
Validate checks if a vulnerability is valid.